Chipotle's Data Breach Affects Customers Nationwide

This week, the Alert Logic ActiveIntelligence team reviews how Rite Aid recently discovered that unauthorized third parties accessed the online store’s e-commerce platform and acquired personal information of customers.


Chipotle's Data Breach Affects Customers Nationwide

The company says hackers stole customer payment data from most of its 2,250 restaurants between March 24 and April 18. Reuters reported that the stolen data includes account numbers and internal verification codes — data that can be potentially used to drain debt card accounts or clone credit cards.

Chipotle has created a locator tool that customers can use to see if their restaurant was identified during the investigation, which you can check out here.

References: Chipotle Breach Affected Restaurants Across 47 States | Chipotle's Data Breach Affects Customers Nationwide | Chipotle’s Data Breach: How to Tell if You May Have Been a Victim


Mitigation Strategies:


Judy Malware Spreads to 36.5 million Android Devices

Android malware spread by apps in Google Play, Google’s official app store, may have infected up to 36 million devices. The malware, dubbed “Judy” due to many of the apps containing a character of the same name, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. It relies on the communication with its Command and Control server (C&C) for its operation. Several apps containing the malware, which were developed by other developers on Google Play were also found. After being notified, Google has swiftly removed the apps from the Play store.

References: Judy Android Malware Infects Over 36.5 Million Google Play Store Users | Judy Malware Spreads to 36.5 Million Android Devices | A Cartoon Character Named Judy May Be Responsible for Infecting 35 Million Androids With Malware

Mitigation Strategies:

This Week's Suspicious IP Addresses

*IP addresses provided by Recorded Future.